Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/mhqngUCpVs4u-_Jy7k5zxhJ8xOY.roa
File:                     mhqngUCpVs4u-_Jy7k5zxhJ8xOY.roa (raw, json)
Hash identifier:          7EHf1frU9iIy0RDzAwhcQGJPKwFkgYkHweRXkjWj8ac=
Subject key identifier:   9A:1A:A7:81:40:A9:56:CE:2E:FB:F2:72:EE:4E:73:C6:12:7C:C4:E6
Certificate issuer:       /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial:       018A418E12F73192F2FC41CC981873CFFAA1
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/mhqngUCpVs4u-_Jy7k5zxhJ8xOY.roa
Signing time:             Tue 29 Aug 2023 13:49:04 +0000
ROA not before:           Tue 29 Aug 2023 13:49:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198769
IP address blocks:        109.107.169.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:41:8e:12:f7:31:92:f2:fc:41:cc:98:18:73:cf:fa:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
        Validity
            Not Before: Aug 29 13:49:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a1aa78140a956ce2efbf272ee4e73c6127cc4e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:1A:A7:81:40:A9:56:CE:2E:FB:F2:72:EE:4E:73:C6:12:7C:C4:E6
            X509v3 Authority Key Identifier:
                keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/mhqngUCpVs4u-_Jy7k5zxhJ8xOY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.107.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org